You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by KJanssens <kr...@xt-i.com> on 2013/04/19 08:51:57 UTC

CXF client for WCF service with ws-trust

I've built a CXF client by configuring the necessary beans in Spring.

When I run my client, these are the soap messages I get from the log file:
1. Client sends a soap msg to STS server to request a token
2. If authenticated, the STS server replies with a token
3. Client sends a message with the token embedded in it to the WCF service
to invoke an operation
4. WCF service should" reply with an answer from the invoked operation

But instead I get following errormessage from the WCF service: "An error
occurred when verifying security for the message."

I also have the logging of a .NET client to access the same WCF service and
I noticed he acted differently:
1. Client sends soap msg to STS server to request token#1
2. If authenticated, the STS server replies with token#1
3. Client sends a message with token#1 embedded in it to the WCF service and
a request for token#2
4. If token#1 is authenticated, the WCF service replies with token#2
5. Client sends a message with token#2 embedded in it to the WCF service to
invoke an operation
6. WCF service replies with an answer from the invoked operation


I can't seem to find anything about this in the CXF documentation, so
hopefully I'm missed it or is this behaviour not supported by the CXF
framework?



--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-client-for-WCF-service-with-ws-trust-tp5726516.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF client for WCF service with ws-trust

Posted by KJanssens <kr...@xt-i.com>.

To be thorough:

1)  CXF client config
<http://cxf.547215.n5.nabble.com/file/n5726519/Copy_of_cxf_client.xml>  

2)  CXF client soap log
<http://cxf.547215.n5.nabble.com/file/n5726519/soap.xml>  

3)  .Net fiddler log
<http://cxf.547215.n5.nabble.com/file/n5726519/soap_net.saz>  



--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-client-for-WCF-service-with-ws-trust-tp5726516p5726519.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF client for WCF service with ws-trust

Posted by KJanssens <kr...@xt-i.com>.

So I continued doing some research and I assume now that the .Net WCF
implementation uses a combination of WS-Trust and WS-SecureConversation.

And because of the SecureConversation the client request a new (context)
token from the WCF service.

Now I only need to find out how to enable this for my client ... ?



--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-client-for-WCF-service-with-ws-trust-tp5726516p5726537.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF client for WCF service with ws-trust

Posted by KJanssens <kr...@xt-i.com>.

I've just logged the following ticket:
https://issues.apache.org/jira/browse/CXF-4977



--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-client-for-WCF-service-with-ws-trust-tp5726516p5726567.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF client for WCF service with ws-trust

Posted by Colm O hEigeartaigh <co...@apache.org>.

It's likely that CXF doesn't support that scenario. Could you log a JIRA
with the security policy of the service + I'll take a look?

Colm.


On Fri, Apr 19, 2013 at 7:51 AM, KJanssens <kr...@xt-i.com>wrote:

> I've built a CXF client by configuring the necessary beans in Spring.
>
> When I run my client, these are the soap messages I get from the log file:
> 1. Client sends a soap msg to STS server to request a token
> 2. If authenticated, the STS server replies with a token
> 3. Client sends a message with the token embedded in it to the WCF service
> to invoke an operation
> 4. WCF service should" reply with an answer from the invoked operation
>
> But instead I get following errormessage from the WCF service: "An error
> occurred when verifying security for the message."
>
> I also have the logging of a .NET client to access the same WCF service and
> I noticed he acted differently:
> 1. Client sends soap msg to STS server to request token#1
> 2. If authenticated, the STS server replies with token#1
> 3. Client sends a message with token#1 embedded in it to the WCF service
> and
> a request for token#2
> 4. If token#1 is authenticated, the WCF service replies with token#2
> 5. Client sends a message with token#2 embedded in it to the WCF service to
> invoke an operation
> 6. WCF service replies with an answer from the invoked operation
>
>
> I can't seem to find anything about this in the CXF documentation, so
> hopefully I'm missed it or is this behaviour not supported by the CXF
> framework?
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/CXF-client-for-WCF-service-with-ws-trust-tp5726516.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com